Uploaded image for project: 'DSpace'
  1. DSpace
  2. DS-4123

Create Integration Tests to prove access restricted Items cannot be accessed anonymously

    Details

    • Type: Task
    • Status: Volunteer Needed (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 7.0
    • Fix Version/s: 7.0
    • Component/s: REST API v7
    • Labels:
      None
    • Attachments:
      0
    • Comments:
      1
    • Documentation Status:
      Needed

      Description

      This ticket corresponds to task 4.14 "Enforce Item Access Restrictions" in our DSpace 7 Development Planning spreadsheet.  To make this task actionable, we have decided to require Integration Tests to prove this functionality works.

      (NOTE: Some related tests around access rights with embargoes, etc, already exist in https://github.com/DSpace/DSpace/blob/master/dspace-spring-rest/src/test/java/org/dspace/app/rest/ItemRestRepositoryIT.java )

      Tests should prove:

      • Admins can still access Item that are restricted
      • Community / Collection Admins can still access Items that are restricted
      • Users with specific rights can  still access Items that are restricted
      • Anonymous users CANNOT access Items that are restricted (neither metadata nor bitstreams)
      • Embargoed items cannot be accessed except by Administrators, or Community/Collection Admins

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              tdonohue Tim Donohue
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: